Nick
Follow

Since I added my backup Yubikey to yesterday I went to revoke the "Authentication App" option (i.e. TOTP) as a method, but it looks like maybe there's no way to revoke the "Authentication App" as an authentication method once you've set it up?

I see this on a number of sites, where they offer lots of different methods and encourage you to have multiple so you won't get locked out. For , though, I think it's just as important to be able to revoke weaker methods when you setup stronger ones, but this seems to frequently be neglected, which looks like a sort of half-hearted attempt at security to me.

This wouldn't be surprising to me in general, but I guess I expected Github to meet a higher standard, given how many processes on the Internet expect to be able to trust the contents of specific Github repositories. Maybe I'm missing something in the UI?

· · 0 · 0 · 0
Sign in to participate in the conversation
Qoto Mastodon

QOTO: Question Others to Teach Ourselves
An inclusive, Academic Freedom, instance
All cultures welcome.
Hate speech and harassment strictly forbidden.

Trending now

Resources

Developers

What is Mastodon?

qoto.org

More…

v3.5.19-qoto · Privacy policy